If you are using the standard ntpd daemon to serve time to the public internet, it’s important that you make sure it is configured to not reply to “monlist” queries. Many routers and other equipment are included in this.
The configuration recommendations include the appropriate “restrict” lines to disallow any management queries to ntpd. Most Linux distributions will have an updated version by now that just disables the “monlist” queries, that will also solve the primary problem.
The NTP Support wiki has more information.
If your server is part of the NTP Pool, the system also does a periodic check if your server responds to mode6/mode7 information queries and will warn you on the manage page if it does.
If you operate a network you can use the Open NTP Project to see if you have vulnerable devices on your network.